Nonce refresh:

- Update the heartbeat nonce when refreshing nonces on the Edit Post screen.
- After a user logs in from the auth-check dialog, speed up heartbeat to check/refresh nonces on the Edit Post screen.
- Speeding up heartbeat: bring back the setting how long it should last (how many ticks).
- Add 'heartbeat-nonces-expired' jQuery event when nonces have expired and the user is logged in.
See #23295, see #23216.

git-svn-id: https://develop.svn.wordpress.org/trunk@24528 602fd350-edb4-49c9-b593-d223f7449a82
Andrew Ozz
2013-06-29 01:31:44 +00:00
parent a9d0ac3c6f
commit 1819e0f2c2
5 changed files with 61 additions and 31 deletions


@@ -639,21 +639,25 @@ add_filter( 'heartbeat_received', 'wp_refresh_post_lock', 10, 3 );
function wp_refresh_post_nonces( $response, $data, $screen_id ) {
if ( array_key_exists( 'wp-refresh-post-nonces', $data ) ) {
$received = $data['wp-refresh-post-nonces'];
$response['wp-refresh-post-nonces'] = array( 'check' => 1 );
if ( ! $post_id = absint( $received['post_id'] ) )
return $response;
if ( ! current_user_can('edit_post', $post_id) )
if ( ! current_user_can( 'edit_post', $post_id ) || empty( $received['post_nonce'] ) )
return $response;
if ( ! empty( $received['post_nonce'] ) && 2 === wp_verify_nonce( $received['post_nonce'], 'update-post_' . $post_id ) ) {
if ( 2 === wp_verify_nonce( $received['post_nonce'], 'update-post_' . $post_id ) ) {
$response['wp-refresh-post-nonces'] = array(
'replace-autosavenonce' => wp_create_nonce('autosave'),
'replace-getpermalinknonce' => wp_create_nonce('getpermalink'),
'replace-samplepermalinknonce' => wp_create_nonce('samplepermalink'),
'replace-closedpostboxesnonce' => wp_create_nonce('closedpostboxes'),
'replace-_ajax_linking_nonce' => wp_create_nonce( 'internal-linking' ),
'replace-_wpnonce' => wp_create_nonce( 'update-post_' . $post_id ),
'replace' => array(
'autosavenonce' => wp_create_nonce('autosave'),
'getpermalinknonce' => wp_create_nonce('getpermalink'),
'samplepermalinknonce' => wp_create_nonce('samplepermalink'),
'closedpostboxesnonce' => wp_create_nonce('closedpostboxes'),
'_ajax_linking_nonce' => wp_create_nonce( 'internal-linking' ),
'_wpnonce' => wp_create_nonce( 'update-post_' . $post_id ),
),
'heartbeatNonce' => wp_create_nonce( 'heartbeat-nonce' ),
);
}
}
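Review bot: `$received` is indexed at `$received['post_id']` and `$received['post_nonce']` without first confirming that it is an array holding those keys, yet it is taken straight from the heartbeat `$data`, which is presumably whatever the browser posted. A malformed payload would raise PHP notices or warnings before `absint()` turns the value into 0, so a guard such as `if ( ! is_array( $received ) || empty( $received['post_id'] ) ) return $response;` ahead of the `absint()` line would make the early exit explicit. The literal `2` compared against `wp_verify_nonce()` also deserves a comment, e.g. `// 2 = nonce is valid but in the second half of its lifetime, so issue fresh ones`. The function's closing `return` lies outside this hunk.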